<?php

/*
 * vote ajax
 */
// Every response from this endpoint is labelled text/json, although several actions
// below answer with plain text such as '200' or 'OK|...'.
header('Content-type: text/json; charset=UTF-8');

// Absolute directory of this script; used for the include below and for upload storage.
define('ROOT', __DIR__);
// Request start time as a Unix timestamp.
define('TIMESTAMP', time());

// Core helpers. getgpc(), get_client_ip() and $db are used below but not defined in
// this file, so they presumably come from this include (confirm).
require ROOT . '/include/function_core.php';

// Allowlist of action names this endpoint will dispatch.
$admincp_actions = ['add', 'ranking', 'vote', 'check_phone', 'upload', 'search'];

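// Strip everything except letters, digits, underscore and square brackets from the
// requested action, then require an exact match against the allowlist.
$action = preg_replace('/[^\[A-Za-z0-9_\]]/', '', getgpc('action'));
if (!in_array($action, $admincp_actions, true)) {
    // Stop here. Without the exit the script kept running after printing 'error'
    // and fell through to the dispatcher's final else branch, so a rejected request
    // still travelled the rest of the file and produced a second message.
    echo 'error';
    exit;
}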
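// NOTE(review): no authentication, CSRF token or rate limit is visible in this file for
// any action below, including the ones that write (add, vote, upload). Confirm whether
// the included core enforces any before exposing this endpoint.

// Quote a value for use inside a single-quoted SQL string literal by doubling single
// quotes. NOTE(review): the bracketed identifiers combined with LIMIT suggest SQLite,
// where this is the literal escape; confirm against the $db driver, and switch to bound
// parameters if the wrapper offers them (its API is not visible here).
$sqlQuote = function ($value) {
    return str_replace("'", "''", (string) $value);
};

if ($action === 'add') {
    // Register a new entry with a vote count of zero.
    // NOTE(review): name, phone and the photo path are taken from the request without
    // validation, and whether $db->insert() escapes its values cannot be seen from here.
    // 'photo' in particular is a client-chosen string that is later returned to other
    // clients by the ranking and search actions.
    $name = getgpc('name');
    $phone = getgpc('phone');
    $filepaths = getgpc('bmpicurl');
    $id = $db->newid('applay');
    $db->insert('applay', array(
        'id' => $id,
        'name' => $name,
        'phone' => $phone,
        'photo' => $filepaths,
        'vote' => 0,
        'ip' => get_client_ip(),
    ));
    echo '200';
} elseif ($action === 'ranking') {
    // The ORDER BY clause is chosen between two fixed strings, so the request value
    // itself never reaches the SQL text.
    $order = empty(getgpc('order')) ? ' vote desc ' : ' id desc ';
    // NOTE(review): this returns every entrant's phone number to the caller; confirm
    // that exposing [phone] here is intended.
    $sql = 'Select [id],[name],[phone],[photo],[vote] From [applay] order by  ' . $order;
    $ret = $db->fecthall($sql);
    echo json_encode($ret);
    exit;
} elseif ($action === 'vote') {
    // Echoed back to the caller unchanged after the result.
    $timestamp = getgpc('timestamp');
    // The id is concatenated unquoted into the UPDATE, so force it to an integer;
    // anything non-scalar or empty becomes 0, as an empty id did before.
    $rawId = getgpc('id');
    $id = is_scalar($rawId) ? (int) $rawId : 0;
    // NOTE(review): if get_client_ip() trusts forwarding headers, the address is
    // client-controlled; it is quoted here for that reason. Nothing visible limits
    // repeated votes from the same client.
    $ip = $sqlQuote(get_client_ip());
    $sql = "update [applay] set vote=vote+1, ip='" . $ip . "'  where id=" . $id;
    $ret = $db->run($sql);
    echo $ret . '|' . $timestamp;
} elseif ($action === 'check_phone') {
    // Reports valid=true when at least one row already carries this phone number.
    $valid = false;
    $phone = getgpc('phone');
    if (is_scalar($phone) && $phone) {
        $sql = "Select [phone] From [applay] where phone='" . $sqlQuote($phone) . "' order by vote desc ";
        $ret = $db->fecthall($sql);
        if ($ret) {
            $valid = true;
        }
    }
    echo json_encode(array('valid' => $valid));
    exit;
} elseif ($action === 'upload' && !empty($_FILES)) {
    $fileTypes = array('jpg', 'jpeg', 'gif', 'png');
    // $_FILES being non-empty does not guarantee the 'filedata1' field, nor that it is
    // a single-file upload, so read each part defensively.
    $upload = (isset($_FILES['filedata1']) && is_array($_FILES['filedata1'])) ? $_FILES['filedata1'] : array();
    $tempFile = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
    $origName = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
    // Only the final extension of the client name is kept, lower-cased so the allowlist
    // check and the stored name agree; the rest of the client name is discarded.
    $extName = strtolower(pathinfo($origName, PATHINFO_EXTENSION));

    if (!in_array($extName, $fileTypes, true)) {
        echo 'ERROR|Invalid file type.';
    } elseif ($tempFile === '' || !is_uploaded_file($tempFile)) {
        // Previously this case reached move_uploaded_file() with an undefined target.
        echo 'ERROR|move_uploaded_file error. ';
    } elseif (getimagesize($tempFile) === false) {
        // The extension alone says nothing about the content. This is a sanity check
        // only; the upload directory should also be configured so that nothing stored
        // in it is ever executed.
        echo 'ERROR|Invalid file type.';
    } else {
        // 24-hour clock plus a unique suffix: the old 12-hour, one-second-resolution
        // name could repeat, and move_uploaded_file() overwrites an existing target.
        $newfilename = date('YmdHis') . '_' . uniqid() . '.' . $extName;
        $stored_path = ROOT . '/data/upload/' . $newfilename;
        // Move the uploaded temporary file to its final location.
        if (move_uploaded_file($tempFile, $stored_path)) {
            echo "OK|http://club.zte.com.cn/vote/data/upload/" . $newfilename . "|upload/" . $newfilename . "";
        } else {
            echo 'ERROR|move_uploaded_file error. ';
        }
    }
} elseif ($action === 'search') {
    $wheresql = ' where 1=1 ';
    $rawKeywords = getgpc('keywords');
    $keywords = (is_scalar($rawKeywords) && !empty($rawKeywords)) ? (string) $rawKeywords : '';
    if (strlen($keywords) > 0) {
        // eregi() no longer exists in PHP 7+. The anchored pattern admits digits only,
        // so the value is safe to place unquoted in the id comparison.
        if (preg_match('/\A[0-9]+\z/', $keywords)) {
            $wheresql = $wheresql . ' and id=' . $keywords . ' ';
        } else {
            $wheresql = $wheresql . " and name LIKE '%" . $sqlQuote($keywords) . "%' ";
        }
    }
    // Current page, zero-based; clamp so a negative value cannot produce a negative offset.
    $page = max(0, intval(getgpc('pageNum')));
    $total = $db->count('applay', $wheresql); // total matching rows
    $pageSize = 10; // rows per page
    $totalPage = ceil($total / $pageSize); // total number of pages
    $startPage = $page * $pageSize; // offset of the first row on this page

    // Build the response structure.
    $arr = array();
    $arr['total'] = $total;
    $arr['pageSize'] = $pageSize;
    $arr['totalPage'] = $totalPage;

    // NOTE(review): like the ranking action, this returns [phone] for every match.
    $sql = "Select [id],[name],[phone],[photo],[vote] From [applay] $wheresql
      order by id desc Limit $startPage,$pageSize";
    $ret = $db->fecthall($sql);
    $arr['list'] = $ret;
    echo json_encode($arr); // emit the JSON payload
    exit();
} else {
    echo 'action not ';
}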
?>
